[Storage] Fix public bucket source check in SkyPilot Storage

[romilbhardwaj]

Closes #977.

GetPublicAccessBlock is no longer a reliable method to check if a s3 bucket is public. Buckets can be publicly readable yet not allow access to GetPublicAccessBlock. I'm not sure what caused it (and I can't find a clear reason).

Some buckets still allow it (e.g., s3://tcga-2-open, which is used in our smoke tests and thus was passing), but others have blocked it (e.g., s3://digitalcorpora, s3://imagenet-bucket).

Using head_bucket API now, as recommended by boto3 docs.

Also added storage tests for non-existent and private buckets.

Tested:

• pytest test_smoke.py::TestStorageWithCredentials
• YAML in Fail to access public bucket with sky storage #977
• All smoke tests

[michaelzhiluo]

match=backend_utils._BUCKET_FAIL_TO_CONNECT_MESSAGE.format(...)

[romilbhardwaj]

Ahh private buckets trigger this message on gcp, so the common message is the bucket name is taken:

skypilot/sky/data/storage.py

Lines 1129 to 1133 in 6196552

	ex = exceptions.StorageBucketGetError(
	f'Attempted to access a private external bucket {self.name}'
	'\nCheck if the 1) the bucket name is taken and/or '
	'2) the bucket permissions are not setup correctly. '
	f'Consider using `gsutil ls gs://{self.name}` to debug.')

[michaelzhiluo]

In this case, can we move this message as an variable such as PRIVATE_BUCKET_ERROR?

[concretevitamin]

Thanks @romilbhardwaj! LGTM. @michaelzhiluo?

[concretevitamin]

Can we keep this bucket in the test? For coverage.

[romilbhardwaj]

Great point - added!

[concretevitamin]

Could not*

[romilbhardwaj]

good catch! fixed

[romilbhardwaj]

@michaelzhiluo ready for another look!

[michaelzhiluo]

This PR looks good to me, as long as above comment is resolved!

[romilbhardwaj]

@michaelzhiluo - regarding refactoring error strings, I'll create another PR to fix that since that's tangential to this bugfix - would that be ok?

[michaelzhiluo]

Sounds good, in that case, feel free to merge!